﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.RegularExpressions;

namespace V5_Common
{
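    /// <summary>
    /// Small string helpers: null-safe conversion to a trimmed string, and a
    /// deny-list check that rejects input containing a few SQL-related tokens.
    /// </summary>
    public class Utils
    {
        /// <summary>
        /// Converts the given object to a trimmed string.
        /// </summary>
        /// <param name="p">The object to convert; may be null.</param>
        /// <returns>
        /// The trimmed string form of <paramref name="p"/>, or "" when
        /// <paramref name="p"/> is null or its ToString() yields null.
        /// </returns>
        public static string SafeString(object p)
        {
            if (p == null)
                return "";

            // ToString() on a string returns the string itself, so one path covers both cases.
            // An override may legally return null; treat that like a null argument rather
            // than letting Trim() raise a NullReferenceException.
            string text = p.ToString();
            return text == null ? "" : text.Trim();
        }

        // Deny-list used by FilterInjection: "=", "--", ";" and the percent-encoded forms
        // %3D (=), %27 ('), %2D (-), %3B (;), matched case-insensitively.
        // Built once by the type initializer, so no lazy-init race between threads.
        static readonly Regex _filterInjectionRegex =
            new Regex(@"%3D|=|%27|%2D|--|%3B|;", RegexOptions.IgnoreCase);

        /// <summary>
        /// Normalises the input with <see cref="SafeString"/>, rewrites ASCII apostrophes to
        /// the typographic quote U+2018, and rejects the value if it contains any token on the
        /// deny-list.
        /// </summary>
        /// <remarks>
        /// <para>
        /// This is a deny-list check, not a safe way to build SQL. It recognises only the
        /// literal tokens in the pattern; the input is not URL-decoded here, so any other
        /// encoding of the same characters is not seen. Values that pass must still be bound
        /// as query parameters rather than concatenated into a statement.
        /// </para>
        /// <para>
        /// The returned value is not the original text: apostrophes are rewritten, so stored
        /// data differs from what was submitted. Legitimate input containing "=" or ";"
        /// (for example URLs with query strings or Base64 padding) is rejected.
        /// </para>
        /// <para>
        /// NOTE(review): if the value is later converted to a non-Unicode code page, U+2018
        /// may be mapped back to an ASCII apostrophe - confirm how the data layer stores
        /// and converts this text.
        /// </para>
        /// </remarks>
        /// <param name="s">The value to check; may be null.</param>
        /// <returns>The trimmed value with apostrophes rewritten.</returns>
        /// <exception cref="ArgumentException">
        /// The value contains a deny-listed token. ArgumentException derives from Exception,
        /// so existing catch (Exception) handlers still apply, while callers and logging can
        /// now tell rejected input apart from unrelated failures.
        /// </exception>
        public static string FilterInjection(object s)
        {
            string text = SafeString(s).Replace("'", "‘");

            // The message reads "the input contains illegal characters"; it is kept verbatim
            // because callers may surface it to users.
            if (_filterInjectionRegex.IsMatch(text))
                throw new ArgumentException("传入字符中有非法字符");

            return text;
        }
    }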
}
